CVE 8.5 HIGH

CVE-2025-59373_CVE-2025-59373

November 24, 2025 invoker category_cve

8.5 / 10

HIGH

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

A local privilege escalation vulnerability exists in

the restore mechanism of

ASUS System Control Interface. It can be triggered when an unprivileged actor copies files without proper validation into protected system paths, potentially leading to arbitrary files being executed as SYSTEM.
For more information, please refer to section Security Update for MyAsus in the ASUS Security Advisory.

AI Analysis

Local privilege escalation vulnerability in ASUS System Control Interface's restore mechanism

Basic Information

ID CVE-2025-59373

Source ASUS

Published Nov 25, 2025 at 02:03

Affected Product

Vendor ASUS

Product MyASUS

Affected Versions ASUS MyASUS 0

CWE Classification

CWE-732

AI Assessment

AI Score 8.5 / 10

AI Severity High

Vendor ASUS

Product MyASUS

References

www.asus.com /content/security-advisory/

{
    "lastseen": "",
    "description": "A local privilege escalation vulnerability exists in \n\n the restore mechanism of \n\nASUS System Control Interface. It can be triggered when an unprivileged actor copies files without proper validation into protected system paths, potentially leading to arbitrary files being executed as SYSTEM.\nFor more information, please refer to section Security Update for MyAsus in the ASUS Security Advisory.",
    "published": "2025-11-25T02:03:36.980Z",
    "modified": "2025-11-25T02:03:36.980Z",
    "type": "cve",
    "title": "CVE-2025-59373",
    "source": "ASUS",
    "references": "https://www.asus.com/content/security-advisory/",
    "id": "CVE-2025-59373",
    "bulletinFamily": "",
    "cwe": [
        "CWE-732"
    ],
    "cvelist": null,
    "sourceData": "ASUS MyASUS 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.5,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "MyASUS",
    "version": "0",
    "vendor": "ASUS",
    "ai_description": "Local privilege escalation vulnerability in ASUS System Control Interface's restore mechanism",
    "ai_severity": "High",
    "ai_vendor": "ASUS",
    "ai_product": "MyASUS",
    "ai_version": "0",
    "ai_score": 8.5
}

💭 Join the Security Discussion ❌ Cancel Reply